Senior Lead Cybersecurity Architect
Scope of Work:
- c) Duties and responsibilities of the Senior Lead Cybersecurity Architect include but are not limited to the following:
- i) Oversee and perform duties of the Cybersecurity Analyst.
- ii) Develop and enhance a forward-looking cybersecurity program that aligns with business operations and supports diverse technology hosting environments.
- iii) Assist in the development and evaluation of Requests for Proposal (RFPs) for technology engagements across the enterprise, providing cybersecurity expertise and insights to ensure alignment with cybersecurity strategy and objectives.
- iv) Collaborate with cross-functional teams to gather requirements, define evaluation criteria, and assess vendor proposals against cybersecurity standards, best practices, and regulatory requirements.
- v) Work closely with procurement, legal, and vendor management teams to develop and update cybersecurity standard language, negotiate contracts, service level agreements (SLAs), and security provisions with selected vendors, ensuring adequate cybersecurity protections and safeguards are in place.
- vi) Develop and maintain risk management processes and frameworks that encompass internal assets, third-party vendors, and enterprise architecture.
- vii) Collaborate with stakeholders to identify and assess cybersecurity risks, vulnerabilities, and threats across the organization's technology infrastructure and ecosystem.
- viii) Implement risk mitigation strategies, controls, and countermeasures to reduce cybersecurity risks to an acceptable level, in alignment with organizational risk tolerance and business objectives.
- ix) Monitor and report on the effectiveness of risk management initiatives, tracking key risk indicators, metrics, and performance indicators to stakeholders and senior leadership.
- x) Continuously evaluate and enhance risk management processes, methodologies, and tools to adapt to evolving cybersecurity threats, regulatory requirements, and business priorities.
- xi) Design and evolve a tailored cybersecurity risk management approach that considers the organization's needs, available resources, and security maturity level. Ensure alignment with broad regulatory and compliance requirements while avoiding reliance on a single approach, opting instead for flexibility and alignment with broader risk management objectives.
- xii) Develop innovative solutions and recommendations to enhance cybersecurity risk management processes.
- xiii) Lead assessments of current cybersecurity principles, processes, and controls, and oversee evaluations of new technologies against established standards.
- xiv) Provide regular technical guidance and direction to support business operations, technical teams, contractors, and vendors.
- xv) Collaborate with stakeholders and senior leaders to propose operational changes that enhance cybersecurity.
- xvi) Serve as a subject matter expert in various cybersecurity technical and governance topics across the organization.
- xvii) Advocate for firm-wide implementation and adoption of frameworks, tools, and practices such as the Secure Software Development Life Cycle and Threat Modeling.
- xviii) Act as a thought leader in advocating for the adoption of relevant cybersecurity approaches and technologies within the organization's operations.
Required Background:
- In addition to meeting all requirements for Cybersecurity Governance Analyst, the Lead Cybersecurity Architect candidate shall also have at least fifteen (15) years' experience in the field with a major entity (e.g. Fortune 300 company or state or federal government organization).
- Minimum of 15 years of experience in Technology Architecture, specializing in Network, Cloud, Enterprise Security, Systems, and Software Architecture, including Secure System Development Lifecycle.
- Minimum of 10 years of experience in Cybersecurity, with extensive expertise in Governance and Program Development, Cybersecurity Operations, Architecture Assessments, RFP Development, and Vendor Negotiation.
- Minimum of 15 years of experience consulting with large program implementations for Federal or Local Government clients.
- Proficiency in Threat Modeling, Architecture Reviews, and Hardening Standards implementation.
- Strong background in Enterprise Security Technology Architecture and resilience strategy development.
- Experience aligning Cybersecurity Programs with business operations and industry best practices.
- Skilled in secure software development lifecycle management and compliance frameworks (OWASP, NIST).
- Proficient in Risk Management Framework, Cybersecurity Framework, and security controls.
- Ability to develop cybersecurity training content and lead workshops.
- Expertise in organizational cybersecurity cooperation, policy development, and tabletop exercises.